Limit Access Except from Specific Computers

I am developing a very simple web application for a family member. She has employees that work from several different locations. She wants a web application that will allow her employees to clock in and out via a web interface. The problem is that she doesn't want them to be able to do this from home or any other location except from her offices. The application is simple enough, but how can I restrict access from the web and only allow her office computers to use it. I thought about some firewall rules, but some sites might have dynamic ip's. Really what I would like to happen is when you connect from an unautherized computer a page would come up saying that you cannot connection outside the office. Any thoughts?